MALICIOUS
Risk Score: 140

Heuristics (2)
- ClamAV: Eicar-Test-Signature | critical | CLAMAV_DETECTION | ClamAV detected this file as malware: Eicar-Test-Signature
- Embedded OLE object | medium | OOXML_OLE_OBJECT | Document contains an embedded OLE object

Extracted artifacts (4)
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size | SHA-256 | Detection |
|---|---|---|---|---|---|
| ooxml_oleobject_00.bin | ooxml-ole-object | OOXML embedded OLE part: xl/embeddings/oleObject1.bin | 3072 bytes | 856d39e8439a8095f0aefc1f6696277d6ea3c02bb2f791830fa6667eaa2b257f | ClamAV: Eicar-Test-Signature; Obfuscation or payload: unlikely |
| ooxml_oleobject_00_ole10native_00.bin | ole-package | OOXML xl/embeddings/oleObject1.bin Ole10Native stream: Ole10Native | 575 bytes | 18daccfd55efff9a2298031dbc53dcf6d898b97cf25ff23096f8fabf9de331a0 | |
| ooxml_oleobject_00_ole10native_00_eicar.txt | ole-package-payload | OOXML xl/embeddings/oleObject1.bin Ole10Native payload: display_name=eicar.txt; full_path=C:\Users\YZ\AppData\Local\Temp\{1BCCD91E-1642-4F87-B5D0-4827D8A92950}\{41AF9B28-DDE0-4749-A276-90D2750869C8}\eicar.txt; temp_path=; def_file= | 68 bytes | 275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f | ClamAV: Eicar-Test-Signature; Obfuscation or payload: unlikely |
| emf_00.emf | ooxml-emf | OOXML EMF part: xl/media/image1.emf | 4988 bytes | 626b2e550af6f5ba4621539ae72862a6b336997ef9281f8c48403fea4d63fb5f | |